Solution:

open wp-login.php

Find this line

if ( empty( $key ) )

and change with this:

if ( empty( $key ) || is_array( $key ) )

or

patch: http://wordpress.org/development/2009/08/2-8-4-security-release/

Related posts

• Mysql password reset,change (0)
• Some Changes.. (0)

A. Setting up mysql password is one of the essential tasks. root user is MySQL admin account. Please note that Linux / UNIX login root account for your operating system and MySQL root are different. They are separate and nothing to do with each other (indeed some admin removes root account and setup admin as mysql super user).
mysqladmin command to change root password

If you have never set a root password for MySQL, the server does not require a password at all for connecting as root. To setup root password for first time, use mysqladmin command at shell prompt as follows:

$ mysqladmin -u root password NEWPASSWORD

However, if you want to change (or update) a root password, then you need to use following command

$ mysqladmin -u root -p oldpassword newpass

Enter password:
Change MySQL password for other user

To change a normal user password you need to type (let us assume you would like to change password for vivek):

$ mysqladmin -u vivek -p oldpassword newpass

Changing MySQL root user password using mysql sql command

This is another method. MySQL stores username and passwords in user table inside MySQL database. You can directly update password using the following method to update or change password for user vivek:

1) Login to mysql server, type following command at shell prompt:

$ mysql -u root -p

2) Use mysql database (type command at mysql> prompt):

mysql> use mysql;

3) Change password for user vivek:

mysql> update user set password=PASSWORD(“NEWPASSWORD”) where User=’vivek’;

4) Reload privileges:

mysql> flush privileges;
mysql> quit

This method you need to use while using PHP or Perl scripting.

until know , it’s about changing password
how you can reset your mysql pass ?

To be able to modify the existing root password, you must firstly be connected to it. If you know the root password and just want to reinitialize it, you can skip this part. In the case that you don’t have the root password then follow the steps below.
It s is possible to bypass the authentication process and to access MySQL:

Stop the MySQL server.

#/etc/init.d/mysql stop

Restart MySQL, disabling network communication and skipping the authentication procedure.

#mysqld –skip-grant-tables –skip-networking &

Reinitializing the password:

Get connected to the system database (mysql) of MySQL:

# mysql mysql -u root

Type in the following command and reset your password

UPDATE user SET password=PASSWORD(‘newpassword’) WHERE user=”root”;

If you didn’t go through the first step, to validate the changes simply type:

FLUSH PRIVILEGES;

If you started MySQL manually(bypassing the authentication process), the server must be restarted:

#/etc/init.d/mysql restart

Related posts

• WordPress Security Vulnerability (1)
• mysql_insert_id (0)
• install php apache mysql phpmyadmin (3)